CVE-2026-45205 – Apache Commons Configuration: StackOverflowError for YAML input with cycles

CVE ID :CVE-2026-45205

Published : May 14, 2026, 12:16 p.m. | 41 minutes ago

Description :Uncontrolled Recursion vulnerability in Apache Commons.

When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles.
This issue affects Apache Commons: from 2.2 before 2.15.0.

Users are recommended to upgrade to version 2.15.0, which fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-6637 – PostgreSQL refint allows stack buffer overflow and SQL injection

CVE-2026-6575 – PostgreSQL pg_restore_attribute_stats accepts values that cause query planning to read past end of stats array

CVE-2026-6479 – PostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion

CVE-2026-6478 – PostgreSQL discloses MD5-hashed passwords via covert timing channel